Re: BASE Feature Suggestion to Display Rule Source

[Kevin Johnson <kjohnson () secureideas net>]

On Fri, 2005-09-16 at 09:42 +0100, Alex Butcher, ISC/ISYS wrote:
> --On 15 September 2005 18:18 -0500 "McCash, John" <John.McCash () andrew com> 
> wrote:
>
> >     From the BASE config file, it looks like the <snort> tag is more
> > or less just forwarded to the sourcefire URL with a sid number, and the
> > resultant page is displayed. It strikes me (as a non PHP programmer, no
> > flames please) that it should not be terribly difficult to have BASE
> > instead display a web page with two frames, and put the sourcefire stuff
> > in one, while simultaneously displaying the full text of the referenced
> > rule (pulled from a locally maintained copy of all rules in use) in the
> > other.
>
> Indeed - I did this for my local copy of ACID about a year ago. I ported my 
> patch to BASE a few weeks back. Kevin basically liked it, but wanted to 
> tweak it slightly to allow the location of the rules to be modified.
>
> I guess it might show up in the next release.
>
> I've attached my patch against 1.1.4, FWIW.
>
> >             John
>
> Best Regards,
> Alex.

Hi-

Kevin did like it, along with your other patches.<g>  I should be
getting most of them into CVS this weekend and after testing the next
release will include them.

Kevin

---------------------
BASE Project Lead
http://sourceforge.net/projects/secureideas
http://base.secureideas.net
The next step in IDS analysis!

Attachment: signature.asc
Description: This is a digitally signed message part